GHSA-6P7C-22M4-R5FQ

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

nvme-core: fix memory leak in dhchap_secret_store

Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:-

unreferenced object 0xffff8886376ea800 (size 64): comm "check", pid 22048, jiffies 4344316705 (age 92.199s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc unreferenced object 0xffff8886376eaf00 (size 64): comm "check", pid 22048, jiffies 4344316736 (age 92.168s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc

Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53852"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T16:17:25Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-core: fix memory leak in dhchap_secret_store\n\nFree dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return\nfix following kmemleack:-\n\nunreferenced object 0xffff8886376ea800 (size 64):\n  comm \"check\", pid 22048, jiffies 4344316705 (age 92.199s)\n  hex dump (first 32 bytes):\n    44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67  DHHC-1:00:nxr5Kg\n    75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c  uX4uoAxsJa4c/huL\n  backtrace:\n    [\u003c0000000030ce5d4b\u003e] __kmalloc+0x4b/0x130\n    [\u003c000000009be1cdc1\u003e] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core]\n    [\u003c00000000ac06c96a\u003e] kernfs_fop_write_iter+0x12b/0x1c0\n    [\u003c00000000437e7ced\u003e] vfs_write+0x2ba/0x3c0\n    [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n    [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n    [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc\nunreferenced object 0xffff8886376eaf00 (size 64):\n  comm \"check\", pid 22048, jiffies 4344316736 (age 92.168s)\n  hex dump (first 32 bytes):\n    44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67  DHHC-1:00:nxr5Kg\n    75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c  uX4uoAxsJa4c/huL\n  backtrace:\n    [\u003c0000000030ce5d4b\u003e] __kmalloc+0x4b/0x130\n    [\u003c000000009be1cdc1\u003e] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core]\n    [\u003c00000000ac06c96a\u003e] kernfs_fop_write_iter+0x12b/0x1c0\n    [\u003c00000000437e7ced\u003e] vfs_write+0x2ba/0x3c0\n    [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n    [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n    [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc",
  "id": "GHSA-6p7c-22m4-r5fq",
  "modified": "2025-12-09T18:30:34Z",
  "published": "2025-12-09T18:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53852"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e9b141307554521d60fecf6bf1d2edc8dd0181d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a5eda5017959541ab82c5d56bcf784b8294e298"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a836ca33c5b07d34dd5347af9f64d25651d12674"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c41ac086d2abaf7527a5685f9c0a1c209ab7e0aa"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.